sneak/upaas
1
0
Fork 0
Code Issues 21 Pull Requests 2 Actions Packages Projects Releases Wiki Activity

BUG: Race condition between manual deploy and webhook deploy on same app #38

New Issue
Closed
opened 2026-02-16 06:56:33 +01:00 by clawbot · 1 comment
clawbot commented 2026-02-16 06:56:33 +01:00
Collaborator
Copy Link

Severity: MEDIUM

File: internal/service/deploy/deploy.go lines ~220-240, internal/handlers/app.go HandleAppDeploy, internal/service/webhook/webhook.go triggerDeployment

Description

The per-app deployment lock (tryLockApp) correctly prevents concurrent deploys for the same app. However, when a deploy is rejected with ErrDeploymentInProgress:

  1. In HandleAppDeploy (manual deploy): The error is logged but the user is immediately redirected to the deployments page. The user sees no indication that the deploy was rejected — it looks like it was accepted.

  2. In triggerDeployment (webhook): The error is logged but the webhook event is never marked as processed = true, and no retry mechanism exists. The deployment is silently lost.

Suggested Fix

  1. For manual deploys, redirect with an error query param: ?error=deployment_in_progress
  2. For webhook-triggered deploys, either:
    • Queue the webhook event and retry after the current deploy finishes
    • Mark the event as processed with a note that it was skipped due to concurrent deploy
  3. Consider adding a skipped status for webhook events
## Severity: MEDIUM ## File: `internal/service/deploy/deploy.go` lines ~220-240, `internal/handlers/app.go` HandleAppDeploy, `internal/service/webhook/webhook.go` triggerDeployment ## Description The per-app deployment lock (`tryLockApp`) correctly prevents concurrent deploys for the same app. However, when a deploy is rejected with `ErrDeploymentInProgress`: 1. **In `HandleAppDeploy` (manual deploy)**: The error is logged but the user is immediately redirected to the deployments page. The user sees no indication that the deploy was rejected — it looks like it was accepted. 2. **In `triggerDeployment` (webhook)**: The error is logged but the webhook event is never marked as `processed = true`, and no retry mechanism exists. The deployment is silently lost. ## Suggested Fix 1. For manual deploys, redirect with an error query param: `?error=deployment_in_progress` 2. For webhook-triggered deploys, either: - Queue the webhook event and retry after the current deploy finishes - Mark the event as processed with a note that it was skipped due to concurrent deploy 3. Consider adding a `skipped` status for webhook events
sneak commented 2026-02-16 07:06:57 +01:00
Owner
Copy Link

webhook-triggered deploys should cancel the deploy in progress, and start a new one. make me a PR

webhook-triggered deploys should cancel the deploy in progress, and start a new one. make me a PR
sneak closed this issue 2026-02-16 09:06:41 +01:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels   
bug

Something is not working

  
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
help wanted

Need some help

  
invalid

Something is wrong

  
notplanned

   
question

More information is needed

  
wontfix

This won't be fixed

No Label
bug
duplicate
enhancement
help wanted
invalid
notplanned
question
wontfix
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: sneak/upaas#38
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?